The branch, master has been updated via 5f8f1be s3-kerberos: make ipv6 support for generated krb5 config files more robust. from fc4845f s3: rpc_server/srvsvc: count open files in NetConnEnum
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 5f8f1be7a8595e74218624367bb7b643c2d0bb27 Author: Günther Deschner <g...@samba.org> Date: Wed Apr 2 19:37:34 2014 +0200 s3-kerberos: make ipv6 support for generated krb5 config files more robust. Older MIT Kerberos libraries will add any secondary ipv6 address as ipv4 address, defining the (default) krb5 port 88 circumvents that. Guenther Signed-off-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> Autobuild-User(master): Günther Deschner <g...@samba.org> Autobuild-Date(master): Fri Apr 4 16:33:12 CEST 2014 on sn-devel-104 ----------------------------------------------------------------------- Summary of changes: source3/libads/kerberos.c | 29 +++++++++++++++++++++++++++-- 1 files changed, 27 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c index 649e568..f3c23ea 100644 --- a/source3/libads/kerberos.c +++ b/source3/libads/kerberos.c @@ -615,6 +615,31 @@ static void add_sockaddr_unique(struct sockaddr_storage *addrs, int *num_addrs, *num_addrs += 1; } +/* print_canonical_sockaddr prints an ipv6 addr in the form of +* [ipv6.addr]. This string, when put in a generated krb5.conf file is not +* always properly dealt with by some older krb5 libraries. Adding the hard-coded +* portnumber workarounds the issue. - gd */ + +static char *print_canonical_sockaddr_with_port(TALLOC_CTX *mem_ctx, + const struct sockaddr_storage *pss) +{ + char *str = NULL; + + str = print_canonical_sockaddr(mem_ctx, pss); + if (str == NULL) { + return NULL; + } + + if (pss->ss_family != AF_INET6) { + return str; + } + +#if defined(HAVE_IPV6) + str = talloc_asprintf_append(str, ":88"); +#endif + return str; +} + static char *get_kdc_ip_string(char *mem_ctx, const char *realm, const char *sitename, @@ -634,7 +659,7 @@ static char *get_kdc_ip_string(char *mem_ctx, struct netlogon_samlogon_response **responses = NULL; NTSTATUS status; char *kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n", "", - print_canonical_sockaddr(mem_ctx, pss)); + print_canonical_sockaddr_with_port(mem_ctx, pss)); if (kdc_str == NULL) { TALLOC_FREE(frame); @@ -726,7 +751,7 @@ static char *get_kdc_ip_string(char *mem_ctx, /* Append to the string - inefficient but not done often. */ new_kdc_str = talloc_asprintf(mem_ctx, "%s\tkdc = %s\n", kdc_str, - print_canonical_sockaddr(mem_ctx, &dc_addrs[i])); + print_canonical_sockaddr_with_port(mem_ctx, &dc_addrs[i])); if (new_kdc_str == NULL) { goto fail; } -- Samba Shared Repository